You need to hear this.

Bug in Exim leaves 400,000 servers at risk

If your organization uses Exim for email, it's time to update. Ars Technica reports that a critical flaw is putting as many as 400,000 servers at risk, and servers running Exim are vulnerable until updates.

"The flaw — which is in all releases of the Exim message transfer agent except for version 4.90.1— opens servers to attacks that can execute malicious code, researchers who discovered the vulnerability warned in an advisory published Tuesday," Ars Technica writes. "The buffer overflow vulnerability, which is indexed as CVE-2018-6789, resides in base64 decode function. By sending specially manipulated input to a server running Exim, attackers may be able to remotely execute code."

Exim said it is unsure of the severity of the vulnerability, and it believes an exploit is "difficult." A mitigation isn't currently known, and the only way to fix the issue is to update.

50,000 WordPress websites infected by cryptojacking mining scripts

Peter (Spiceworks) writes:

Millions of machines around the world are engaged in cryptomining to support the blockchains behind popular cryptocurrencies such as Bitcoin, Ethereum, and Monero. Many people enter into mining willingly in order to earn some cash on the side and to support the growing blockchain movement.

But at the same time, some hackers are stealing computing resources from unknowing victims, putting their cycles towards mining cryptocurrencies to enrich themselves. (We've previously covered this phenomenon, known as cryptojacking, in our "Word of the Week" series.)

Now breaking news suggests that the cryptojacking phenomenon is growing at an alarming rate, according to an article in The Next Web.

"Nearly 50,000 WordPress sites have been surreptitiously infected with crypto-jacking scripts, according to security researcher Troy Mursch from Bad Packets Report," The Next Web writes. "Relying on source-code search engine PublicWWW to scan the web for pages running crypto-jacking malware, Mursch was able to identify at least 48,953 affected websites."

Microsoft confirms Windows 10 S will become a "mode" in Windows 10

We've heard a lot about Windows 10 S in the past year, with Microsoft touting it as the future for lower powered machines, for corporations, and for education. The reception has been relatively lukewarm, and the Microsoft seems to have heard user's concerns.

Microsoft today announced it plans to shift Windows 10 S from a "distinct version" to a "mode" in standard Windows 10.

"Microsoft will need to be careful with its approach to a new S Mode for Windows 10, particularly with what devices will ship locked down by default," The Verge writes. "If the choice is left to PC partners then we could be looking at a mixed amount of devices shipping with S Mode enabled next year and potential confusion unless the move is explained well to consumers."

If a user receives a device in "S Mode" as stock, it will cost $49 to unlock a full version of Windows 10.

But there's more going on in the world than that.

Amazon and VMware bringing joint product to Europe

VMware and Amazon Web Services announced today they will be bringing a joint product to Europe. The release of VMware Cloud for AWS in Europe brings with it a slew of new features for European customers.

GeekWire writes, "The new version of the product will allow them to move additional mission-critical applications to AWS as needed by extending the number of availability zones in which VMware Cloud for AWS can run within a single region, he said. Multiple availability zones provide a little insurance in case something goes wrong in one availability zone, like what happened to AWS customers last week in Northern Virginia."

VMWare also announced several new data-analytics features and monitoring capabilities that will work with its VMware Cloud for AWS product.

And you can't not know this.

Amazon's Alexa finds users ... amusing

If you feel like you're always being laughed at, you may want to unplug your Alexa, as you may very well be. Users have been reporting that Amazon's voice assistant has been randomly, creepily laughing without being prompted, and Amazon has confirmed it is "aware of the problem."

"As noted in media reports and a trending Twitter moment, Alexa laughs without being prompted to wake," The Verge writes. "People on Twitter and Reddit reported that they thought it was an actual person laughing near them, which can be scary when you’re home alone. Many responded to the cackling sounds by unplugging their Alexa-enabled devices."

This bug is bizarrely reminiscent of a dystopian future where our devices mock us and refuse our commands.

If that was true "Windows 10
Fall Creators Update Pro for Workstation PCs
(WTFCUPFWP)" wouldn't have been released, instead they would have released "Windows 11 - We're sorry, here's a perpetually licensed Windows edition with no forced updates, the ability to install individual updates, fully QC tested updates, the ability to FULLY disable or remove Cortina, no spying, and we brought back media center"

Text

Amazon's voice assistant has been randomly, creepily laughing without being prompted

Whew, I was so close to allowing a digital "assistant" into my life. Thanks for giving me a chuckle and reminding me why I don't want these types of things in my house.

If you feel like you're always being laughed at, you may want to unplug your Alexa, as you may very well be. Users have been reporting that Amazon's voice assistant has been randomly, creepily laughing without being prompted, and Amazon has confirmed it is "aware of the problem."

"As noted in media reports and a trending Twitter moment, Alexa laughs without being prompted to wake," The Verge writes. "People on Twitter and Reddit reported that they thought it was an actual person laughing near them, which can be scary when you’re home alone. Many responded to the cackling sounds by unplugging their Alexa-enabled devices."

This bug is bizarrely reminiscent of a dystopian future where our devices mock us and refuse our commands.

People who aren't at least a little unnerved by AI may not know, or have forgotten, that it was a relatively short time ago that articles were written titled "Why a computer will never beat the best humans at Chess" and
"Why a computer will never beat the best humans at Go." Also, the same people might forget how Moore's law is exponential, and what "exponential" means. For example, if you start with one penny and double it every day, in one month you'll have more than five million dollars. Some people don't get what the curve of the graph looks like, and how far under it we could be in how short a period of time. I'm not typically a paranoid type, but the idea of what unchecked AI could become in my lifetime gives me pause.